@ShadowJonathan I'm gonna be honest i have no idea what any of these are besides the excavator

@ShadowJonathan sharks are firewalls

@ShadowJonathan anything but funcion and form radical is wrong.

“In the beginning the ARPANET was created.
This had made many people very angry and has been widely regarded as a bad move."

@ShadowJonathan@tech.lgbt I'm the WRT54G

@ShadowJonathan eBPF + XDP with a little VETH sprinkled in is a firewall.

@ShadowJonathan can't see 99% WAN packet drop here, is that covered by the excavator?

@ShadowJonathan I see this diagram more like 'bingo' - I think I've probably held almost all of these alignments in my career ...

@ShadowJonathan@tech.lgbt
just a few weeks ago our excavator firewall saved us from a hacker (i think, i don't know for sure since the internet was gone). Thank you city administration, that you enabled the excavator firewall

@ShadowJonathan (3,2) ofc

Anything is a firewall if you try hard enough

@ShadowJonathan I always make sure I know where my own trusty firewall is.

@ShadowJonathan bottom (🥺) right

I am a mentally stable network admin and can definitively be trusted with an excavator

@ShadowJonathan SQL Slammer is a firewall

@ShadowJonathan I needed this last week when I was explaining firewalls to my class

@ShadowJonathan WRT 4TW!

@ShadowJonathan https://www.theguardian.com/world/2011/apr/06/georgian-woman-cuts-web-access 🙏

@ShadowJonathan the chart is wrong but anyway:

iptables -t raw -A PREROUTING -j EXCAVATOR

@ShadowJonathan@tech.lgbt “NAT is a security feature”

@ShadowJonathan I am 100% “excavator is a firewall.”

@ShadowJonathan@tech.lgbt fedi is a firewall

@ShadowJonathan I wouldn't call IPTables a dedicated device, it runs on anything with that Penguin thingy on it.

@ShadowJonathan

@ShadowJonathan where does "NAT is my firewall" land me on that chart?

@ShadowJonathan @Wifiwits We prefer it to be written BIG-IP ;-) And AFM is a real firewall, I Promise! (and so does ICSA)

@ShadowJonathan Brb, going to go harass our network engineers with this

@ShadowJonathan my approach to firewall is usually "where is the thing?" can't be hacked if can't be found

@ShadowJonathan

in my reality I am WRT but in my mind I am excavator

@ShadowJonathan This is on my cubicle wall. I've been tempted to add this to my evidence for Firewalls that is submitted to the auditor.

@ShadowJonathan @wotsac

excavator

@ShadowJonathan @da_667 What if I told you…that it‘s irrelevant what you name a Firewall? Combine any of those as many as you want. All it needs to shatter your illusion of security is one vulnerable, exposed endpoint. 😜

@ShadowJonathan the firewall for my industrial network is the whole thing bursting into flames if you scan it

@ShadowJonathan Excavator is best firewall. Hands down.